Efficient Backdoor Attacks for Deep Neural Networks in Real-world   Scenarios

Ziqiang Li; Hong Sun; Pengfei Xia; Heng Li; Beihao Xia; Yi Wu; Bin Li

arXiv:2306.08386·cs.CR·April 22, 2024·6 cites

Efficient Backdoor Attacks for Deep Neural Networks in Real-world Scenarios

Ziqiang Li, Hong Sun, Pengfei Xia, Heng Li, Beihao Xia, Yi Wu, Bin Li

PDF

Open Access 1 Repo 1 Video

TL;DR

This paper proposes a new, efficient backdoor attack method for deep neural networks that works effectively even when attackers have limited access to training data from multiple sources, outperforming previous methods.

Contribution

Introduces a novel data-constrained backdoor attack approach using CLIP-based techniques, addressing limitations of existing methods under realistic data access restrictions.

Findings

01

Achieves over 100% improvement in attack success rate in constrained scenarios.

02

Effectively suppresses benign features and augments poisoning features.

03

Demonstrates robustness of the proposed method in real-world data collection scenarios.

Abstract

Recent deep neural networks (DNNs) have came to rely on vast amounts of training data, providing an opportunity for malicious attackers to exploit and contaminate the data to carry out backdoor attacks. However, existing backdoor attack methods make unrealistic assumptions, assuming that all training data comes from a single source and that attackers have full access to the training data. In this paper, we introduce a more realistic attack scenario where victims collect data from multiple sources, and attackers cannot access the complete training data. We refer to this scenario as data-constrained backdoor attacks. In such cases, previous attack methods suffer from severe efficiency degradation due to the entanglement between benign and poisoning features during the backdoor injection process. To tackle this problem, we introduce three CLIP-based technologies from two distinct streams:…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Code & Models

Repositories

sunh1113/efficient-backdoor-attacks-for-deep-neural-networks-in-real-world-scenarios
pytorchOfficial

Videos

Efficient Backdoor Attacks for Deep Neural Networks in Real-world Scenarios· slideslive

Taxonomy

TopicsAdversarial Robustness in Machine Learning · COVID-19 diagnosis using AI · Anomaly Detection Techniques and Applications